The issue. DoD has been trying to establish its plans, structures, processes, and systems to deal with its cybersecurity and operational issues for several years. These efforts have slowly evolved as DoD has clarified and understood its cyber mission. Given the latest proclamation of the cyber roles assigned to government agencies (in the Presidential Policy Directive 41), it is probably time to put together more definitive plans for the DoD cyber forces and the cyber duties associated with all units, service members, and DoD employees. Another recent document that helps DoD sort out its cyber roles comes from the Joint Operating Environment 2035 (JOE2035), subtitled The Joint Force in a Contested and Disordered World, published in 14 July 2016. Essentially, the President’s document assigns DoD to take care of DoD-related contested military cyber issues. The JOE2035 predicts there will be plenty to do by the cyber forces, and identifies a high-probability, almost continuous, context for future conflict in cyberspace by outlining the struggle to define and protect sovereignty in cyberspace for our military. The cyber domain is a growth area with the specter of continuous, sometimes intense, conflict for a long time. With the US depending heavily on the interdependent networks of information technology (Internet, telecommunications networks, computer systems, embedded processors and controllers) and the data, information, and knowledge that is stored and flows through and between these systems, the cyber domain is the place where a high-stakes competition has, is and will be taking place.
DoD is concerned about:
Growth of state- and non-state-sponsored cyber forces and capabilities. These organizations will have more advanced cyber warfare capabilities. “Conflict and war are likely to occur as states struggle to define and credibly protect sovereignty in cyberspace. Defining the boundaries that exist between sovereign and non-sovereign areas has always been difficult, contentious, and usually resolved through war.” [JOE2035] Because rules and norms are currently poorly established in cyberspace, our cyber forces will need to be agile and adaptive. The contest in cyberspace is likely to be chaotic, complex and full of ambiguity, friction, conflict, and war. The hope is that by 2035 international norms will be created and followed in cyberspace, but such a vision may be impossible in a virtual space where the identity of attackers can be hidden and their actions can have such devastating effects.
Other Countries’ cyber forces. The cyber forces of some states will be used to stress or fracture the social and political cohesion of competitors. The US cyber domain is likely to be a primary target for US adversaries to make maximum effect to influence key US political, business, and military leaders through targeted information warfare.
Military competitive space. Cyberspace may lead to new modes of conflict. The vulnerability of cyber-enabled systems allows competitors to probe, infiltrate, and attack without significant reprisal. Many nations may develop extensive offensive cyber forces to disrupt the functioning of competitors’ cyber-connected systems. Some nations will integrate cyber warfare capabilities with other operational capabilities.
Technical competitive space. Cyber operations will take place in an elevated tempo that will demand the development of artificial intelligence (AI) for battlespace characterization and management. The US Joint Force will be required to consider the nature of advanced AI systems and how to both defeat and protect systems that reside within the cyber domain. Additionally, game theoretic concepts will be needed to understand and compete in a contested cyberspace.
What do you think? So, what so you think about DoD’s readiness to enhance and build future cyber structures, processes and systems? How much will the cyber landscape change in the next 20 years? What areas of cybersecurity and operations does the US force need to develop to stay competitive and ready to perform its mission?
Some future topics. Let me know what you think lies ahead for cyber as I will soon follow this introduction with more on topics such as: the Army’s basic research in cyber topics; network science’s role in cyber operational planning; operations research’s role in cyber issues; where does AI, math modeling, and big data analysis fit into this topic; and how do we begin to get serious about educating and training DoD’s cyber forces.